On Friday, July 20, 2001 19:11:02 -0700, Dan Kaminsky <[EMAIL PROTECTED]> wrote: +----- | The big issue here, of course, is not that sshd incorrectly checks the | cryptographic hash of an inadequately sized password but that it checks it | at all. NP, as far as I know, specifically stands for No Password | (acceptable, *not* needed), and !! I believe has the same meaning for | Linux(! for "no"). SSHD has traditionally when possible directly tested +--->8 Is it me, or is this the *same* bug that was found in the 1.2.x code some time back? -- brandon s. allbery [os/2][linux][solaris][freebsd] [EMAIL PROTECTED] system administrator [JAPH][WAY too many hats] [EMAIL PROTECTED] electrical and computer engineering KF8NH carnegie mellon university [linux: proof of the million monkeys theory]
- URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0... Stephanie Thomas
- Re: URGENT SECURITY ADVISORY FOR SSH SECURE ... Dan Kaminsky
- Re: URGENT SECURITY ADVISORY FOR SSH SEC... Dale Southard
- Re: URGENT SECURITY ADVISORY FOR SSH... Nate Eldredge
- Re: URGENT SECURITY ADVISORY FOR SSH SEC... Brandon S. Allbery KF8NH
- Re: URGENT SECURITY ADVISORY FOR SSH SECURE ... Michal Zalewski
- Re: URGENT SECURITY ADVISORY FOR SSH SEC... j
- Re: URGENT SECURITY ADVISORY FOR SSH SEC... Trond Eivind Glomsr�d
- Re: URGENT SECURITY ADVISORY FOR SSH SECURE ... Jen B.
- Re: URGENT SECURITY ADVISORY FOR SSH SECURE ... Marcus Meissner
- Re: URGENT SECURITY ADVISORY FOR SSH SECURE ... Florian Weimer
- Re: URGENT SECURITY ADVISORY FOR SSH SEC... Thomas Roessler
- Re: URGENT SECURITY ADVISORY FOR SSH... Lucian Hudin
- RE: URGENT SECURITY ADVISORY FOR SSH... Sports
- Re: URGENT SECURITY ADVISORY FOR... Seth Arnold
